Porno links in the Swiki
Bijan Parsia
bparsia at email.unc.edu
Tue Mar 12 15:21:33 UTC 2002
On Tue, 12 Mar 2002, Andreas Raab wrote:
> > > Whilst I'm well aware that it *may* be an isolated case,
> > > we may wish to plan how to 'harden' a Swiki against
> > > this kind of attack. Not easy, as the usualtrade-off between
> > > freedom and security raises its head almost immediately.
> >
> > If someone persistent comes along, you pretty much have to
> > shut down, at least for a while. :(
>
> I find this unlikely. Many more people actively watch the Swiki than
> would eventually deface it.
It is true that the Wiki's that I've seen that had to "seal themselves
off" for a while were mainly maintained by one or two folks.
VisualWorks Wikis have a nice feature, sort of a "revert to previous
version". We can kind of do that by copy and paste.
However, while a *bad* feature for general use, it seems an excellent
feature for an administrator
> Turns out that these attacks have been there
> in the past but considering the psychological implications (no coolness
> factor whatsoever) and the numbers (thousands to one) it seems to me
> that the best way to go about it is to just ignore it.
Well, a sort of complicated ignoring that involves paying a lot of
attention :)
> The defacement
> didn't stand for longer than a few hour and fortunately, Swikis do have
> a history so even the vandalism factor is exactly zero. If some dude
> really thinks he has to spent about twenty minutes in making stuff up
> and we can revert it in two seconds, then that's a tradeoff I can easily
> live with.
Sure, except it really is not all *that* hard to overwhelm even thousands,
and polluting the histories of pages can be a real drag.
I'm not saying that we're anywhere near this point yet, especially if the
"vandal" can be tracked down and noogied.
Cheers,
Bijan Parsia.
More information about the Squeak-dev
mailing list
|